﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data.SqlClient;

namespace NG
{
    class userHandler : IUserHandler
    {
        private string tableName = "[dbo].[User]";
       
        public void addUser(User user)
        {
            if (user.username == string.Empty || user.password == string.Empty)
            {
                throw new System.ArgumentNullException("Parameters can not be Null");
            }
            if (user.permission > 2 || user.permission < 0)
            {
                throw new System.ArgumentException("Valid user.permission");
            }
            DBConnect con = new DBConnect();
            string tbn = "[" + con.dbName + "]." + this.tableName;

            string query = "INSERT INTO " + tbn + " VALUES ('" + user.username + "','" + user.password + "',"
                + user.permission + ");";

            SqlCommand cmd = new SqlCommand(query, con.connection);
            try
            {
                cmd.ExecuteNonQuery();
            }
            catch (SqlException ex) 
            {
                throw ex;
            }
                if (con.CloseConnection() == false)
            {
                throw new System.Exception("Couldn't disconnect from the Database");
            }
        }

        public void deleteUser(User user)
        {
            if (user.username == string.Empty)
            {
                throw new System.ArgumentNullException("Parameters can not be Null");
            }
            DBConnect con = new DBConnect();
            string tbn = "[" + con.dbName + "]." + this.tableName;

            if (con.OpenConnection() == false)
            {
                throw new System.Exception("Couldn't connect to the Database");
            }

            string query = "DELETE FROM " + tbn + " WHERE username = '" + user.username + "'";
            SqlCommand cmd = new SqlCommand(query, con.connection);
            cmd.ExecuteNonQuery();

            if (con.CloseConnection() == false)
            {
                throw new System.Exception("Couldn't disconnect from the Database");
            }

        }

        public void updateUserDetails(User user)
        {
            DBConnect con = new DBConnect();
            if (con.OpenConnection() == false)
            {
                throw new System.Exception("Couldn't connect to the Database");
            }

            string tbn = "[" + con.dbName + "]." + this.tableName;

            string query = "UPDATE  " + tbn + " SET password = '" + user.password +"',permission ='"+
                    user.permission+ "' WHERE username = '" + user.username + "'";
            SqlCommand cmd = new SqlCommand(query, con.connection);
            cmd.ExecuteNonQuery();
            if (con.CloseConnection() == false)
            {
                throw new System.Exception("Couldn't disconnect from the Database");
            }


        }//updateUserDetails

        //public void updatePass(User user, string newpassword)
        //{
        //    if (user.username == string.Empty || newpassword == string.Empty)
        //    {
        //        throw new System.ArgumentNullException("Parameters can not be Null");
        //    }

        //    DBConnect con = new DBConnect();
        //    if (con.OpenConnection() == false)
        //    {
        //        throw new System.Exception("Couldn't connect to the Database");
        //    }
        //    string query = "UPDATE users SET password =" + "'" + newpassword + "'"
        //                               + "WHERE username=" + "'" + user.username + "'";
        //    SqlCommand cmd = new SqlCommand(query, con.connection);
        //    cmd.ExecuteNonQuery();
        //    if (con.CloseConnection() == false)
        //    {
        //        throw new System.Exception("Couldn't disconnect from the Database");
        //    }

        //}

        //public void updatePer(User user, int newper)
        //{
        //    if (user.username == string.Empty || newper > 1 || newper < 0)
        //    {
        //        throw new System.ArgumentNullException("Parameters can not be Null");
        //    }

        //    if (newper > 1 || newper < 0)
        //    {
        //        throw new System.ArgumentException("Parameters not valid");
        //    }
        //    DBConnect con = new DBConnect();
        //    if (con.OpenConnection() == false)
        //    {
        //        throw new System.Exception("Couldn't connect to the Database");
        //    }
        //    string query = "UPDATE users SET permission =" + "'" + newper + "'"
        //                               + "WHERE username=" + "'" + user.username + "'";
        //    SqlCommand cmd = new SqlCommand(query, con.connection);
        //    cmd.ExecuteNonQuery();
        //    if (con.CloseConnection() == false)
        //    {
        //        throw new System.Exception("Couldn't disconnect from the Database");
        //    }
        //}



        public bool login(User user)
        {
           
            DBConnect con = new DBConnect();
            string tbn = "[" + con.dbName + "]." + this.tableName;

            if (con.OpenConnection() == false)
            {
                throw new System.Exception("Couldn't connect to the Database");
            }
            string query = "SELECT * FROM " + tbn + " WHERE username = '" + user.username + "'AND password = '" + user.password + "'";
            
            SqlCommand cmd = new SqlCommand(query, con.connection);
            SqlDataReader myDataReader;
            myDataReader = cmd.ExecuteReader();
            bool flag = false;
            if (myDataReader.HasRows) flag = true;
            try
            {
                myDataReader.Close();
            }
            catch (Exception ex)
            {
                throw ex;
            }

            if (con.CloseConnection() == false)
            {
                throw new System.Exception("Couldn't disconnect from the Database");
            }

            return flag;
        }
    }
}   


  
       



    


